Five Rules to Detect and Avoid Phishing Scams

One of the more sinister and increasingly prevalent methods of identity theft is the practice of "spoofing" or "phishing," involving the sending of e-mails that mirror the appearance of a popular Web site or company in an attempt to commit identity theft. Phisher e-mails claim to be sent by a legitimate company and ask consumers to reply
with personal information, such as their credit card number, social security number and account password.

A June 2004 survey of 6,300 consumers conducted by the privacy nonprofit TRUSTe and the Ponemon Institute revealed that 76 percent of consumers consider identity theft their number one privacy concern.

In response to the sharp increase in e-mail phishing, TRUSTe released five rules to help consumers detect and avoid phishing scams:

  1. Be suspicious of urgent demands for information. Often spoofed e-mails will make some form of urgent request. For example, the e-mail will claim that your account will be terminated if you fail to confirm your sensitive information.
  2. Look for misspelled words or grammatical errors in the message and/or hyperlink. Blatant misspelled words and/or grammatical errors are common in spoof e-mail scams.
  3. Avoid e-mailing personal and financial information. Before submitting financial or account information to a Web site, look for a third-party privacy seal to ensure that the transaction is secure. Also avoid volunteering private information like passwords or a personal social security number.
  4. Be watchful of general greetings. Many spoof e-mails begin with a general greeting such as "Welcome eBay User" rather than directly addressing the registered user by name.
  5. Contact the company directly. If you have any doubts about an e-mail or Web site, open a new browser and visit the company directly to verify Web site. Don't be afraid to call customer service about an e-mail.

In addition, consumers should choose Web sites for online commerce carefully. "Consumers should make purchases only from companies that take identity threats seriously. We advise that consumers work with companies that have taken steps to correct any challenging situations and demonstrated their support by countering cybercriminals engaged in phishing activities,” said Fran Maier, president and executive director, TRUSTe.

You may like these other stories...

Some of your clients may get away to business conventions from time to time. It gives them a chance to rub shoulders with colleagues, catch up on the latest developments, and fine-tune their skills. And, when the meetings or...
PwC must face $1 billion lawsuit over MF Global adviceA federal judge on Wednesday ordered PricewaterhouseCoopers (PwC) to face a $1 billion lawsuit claiming that its bad accounting advice was a substantial cause of the...
Being an accountant doesn't mean you're giving investment advice to clients. However, at tax time, accountants often have to deal with the results of any investment advice clients obtained during the year—the...

Already a member? log in here.

Upcoming CPE Webinars

Sep 9
In this session we'll discuss the types of technologies and their uses in a small accounting firm office.
Sep 10
Transfer your knowledge and experience to prepare your team for the challenges and opportunities of an accounting career.
Sep 11
This webcast will include discussions of commonly-applicable Clarified Auditing Standards for audits of non-public, non-governmental entities.
Sep 24
In this jam-packed presentation Excel expert David Ringstrom, CPA will give you a crash-course in creating spreadsheet-based dashboards. A dashboard condenses large amounts of data into a compact space, yet enables the end user to easily drill down into details when warranted.